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METHOD AND DEVICE FOR CRYPTOGRAPHICALLY PROCESSING DATA 

BACKGROUND OF THE INVENTION 

The invention relates to a method for 
cryptographically processing data, comprising feeding, 
to a cryptographic process, values, namely, the data and 
a key, and carrying out the process in order to form 
cryptographically processed data. Such method is 
generally known. 

For cryptographically processing data, in 
practice there are often applied generally known 
processes. Examples of such cryptographic processes 
(algorithms) are DES and RSA [DES = Data Encryption 
Standard and RSA = Rives t, Shamir & Adleman] , which are 
described, e.g., in the book "Applied Cryptography" by 
B. Schneier (2nd edition), New York, 1996. 

Said processes are published since it was 
assumed that, in the event of sufficiently large key 
lengths, it would be impossible, on the basis of the 
processed data, to retrieve the original data and/or the 
key, even if the cryptographic process were known. 

However, Cryptographic algorithms can be 
attacked -the goal always is to find the encryption key 
in use- in different ways: (1) Mathematical attacks like 
differential and linear cryptanalysis ; (2) Hardware 
oriented attacks, called "Side Channel Attacks", viz. 



-1- 



Appendix 
Appl. No. 09/787,648 
Amdt. dated March 31, 2005 
Reply to Office Action of Dec. 2, 2004 
Substitute Specification 

attacks based on power consumption analysis or I/O 
timing analysis. 

U.S. Patent No. 5,745,577 discloses a method 
for advanced key scheduling of a secret key. The aim is 
to offer a protection against said mathematical attacks 
(differential and linear cryptanalysis) by mending the 
encryption algorithm. Amending the algorithm will cause 
change of its output and thus the disclosed method does 
not present any improvement against said "Side Channel 
Attacks" . 

SUMMARY OF THE INVENTION 

The present invention aims to improve the 
protection of a cryptographic device against "Side 
Channel Attacks". In short, said improvement is achieved 
by masking the data and/or the key by means of 
generating extra, auxiliary input (data or key) and 
compensating its influence to the output by adding, to 
the "main" encryption process, an auxiliary 
(compensating) process. By said masking measures it will 
be much more difficult to derive the value of data or 
key from the behavior of the power consumption of the 
cryptographic device. Said masking, however, happens in 
such a way that the result of the process as a whole 
remains unchanged: with the same input and key the 
amended algorithm results into the same, unchanged 
output . 
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Thus the invention presents a method of the 
type referred to in the preamble according to the 
invention which is characterized by feeding, to the 
process, auxiliary values, while compensating, by 
means of an auxiliary process, the influence of the 
auxiliary values to the output data, in order to mask 
the values used in the process. 

By masking the date and/or key(s) it becomes 
considerably more difficult to derive said values on 
the basis of the behavior of the process. The result 
of the process, i.e., the collection of processed 
data, in the event of a suitable choice of the 
auxiliary values may be unchanged, i.e., identical to 
the result of the process, if no auxiliary values have 
been fed to it. In this connection, an "auxiliary 
value" is understood to mean a value (data or key) 
which is fed to the process as a supplement to the 
corresponding data and key. 

The invention is therefore based on the 
insight that the derivation of the values used in a 
cryptographic process is rendered considerably more 
difficult if said values are masked using said 
auxiliary values and said auxiliary process. 

The invention is partly based on the further 
insight that the use of auxiliary values does not 
necessarily affect the outcome of the process. 
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In a first embodiment of the invention, an 
auxiliary value comprises a supplementary key which is 
fed to a supplementary process in order to form the 
key. 

By applying a combination of a known process 
and a supplementary process, there is formed a new 
cryptographic process, unknown per se, even if the 
supplementary process is also known per se . 

By deriving the key used for the known process 
(primary key) from a supplementary key (secondary key) 
using a supplementary process, there is achieved that 
not the (primary) key of the known process but the 
supplementary (secondary) key is offered to the 
combination of processes. In other words, externally the 
supplementary (secondary) key, and not the real 
(primary) key of the process proper, is used. Derivation 
of the key from the original data and the processed data 
has thereby become impossible. In addition, the 
derivation of the supplementary key has been rendered 
seriously more difficult, since the combination of the 
original process and the supplementary process is not 
known . 

Said embodiment of the invention is therefore 
based, inter alia, on the insight that prior knowledge of 
a cryptographic process is undesirable, such is contrary 
to what was so far assumed. Said embodiment is also based 
on the Further insight that attacks which elaborate on 
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knowledge of the process become considerably more 
difficult if the process is unknown. 

The supplementary process preferably comprises 
a cryptographic process. This renders the derivation of 
the supplementary key more difficult. Basically, however, 
a simple encoding may be applied, e.g., as a 
supplementary process. In the event of a cryptographic 
process, there is preferably applied an auxiliary key. 

The supplementary process advantageously is 
an invertible process. This enables the application of 
the method according to the invention in existing 
equipment with minimum modifications. If, e.g., a 
first device gives off a (supplementary) key which is 
applied in a second device according to the invention, 
then in the first device there may be used the inverse 
of the supplementary process to derive the 
supplementary key from the original key. In other 
words, although in both the first and the second 
device internally the original (primary) key is used, 
there is exchanged, between the devices, the 
supplementary (secondary) key. Intercepting the 
supplementary key, however, does not result in 
knowledge of the original key. 

It may be advantageous if carrying out the 
supplementary process takes place exclusively if the 
data has predetermined properties. In this manner, 
cryptographic processing may be carried out for 
specific, selected data only, while such is blocked 
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for all other data. In this manner, there is achieved 
a supplementary protection. 

An optimum security is provided if the 
process and the supplementary process are each 
constructed of several steps and in which there are 
alternately carried out steps of the process and the 
supplementary process. As a result, the properties of 
the known process are further veiled, as a result of 
which the derivation of the keys is further 
complicated . 

In a second embodiment of the invention, the 
process comprises several steps, each of which has a 
cryptographic operation for processing right-hand data 
derived from the data and a combinatory operation for 
combining, with the left-hand data derived from the 
data, the processed right-hand data in order to form 
modified left-hand data, in which the right-hand data, 
prior to the first step, is combined with a primary 
auxiliary value and the left-hand data is combined 
with an additional auxiliary value. As a result, the 
data used in the steps and transferred between the 
steps is masked. 

In order to make it possible for the primary 
and additional auxiliary values do not make themselves 
felt in the end result of the process, the right-hand 
data is combined, preferably immediately after the 
last step, with a further primary auxiliary value, and 
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the modified left-hand data is combined with a further 
additional auxiliary value. 

In order not to have the result of the 
operations affected by the primary auxiliary values, 
the method according to the invention is preferably 
carried out in such a manner that the right-hand data, 
in each step and prior to the operation, is combined 
with the primary auxiliary value of said step. A 
further protection is achieved if the processed 
right-hand data, following the processing, is combined 
with a secondary auxiliary value of said step. 

The secondary auxiliary value of a step is 
advantageously formed from the combination of the 
primary auxiliary value of the preceding step and the 
primary auxiliary value of the next step. 

As a result, it becomes possible to 
compensate the auxiliary value in the repeatedly next 
step, as a result of which said auxiliary value will 
not make itself felt in the end result of the process. 

It is possible to carry out the method 
according to the invention in such a manner, that all 
primary auxiliary values are equal. As a result, a 
very simple practical realization is possible. The use 
of several auxiliary values, which are preferably 
random numbers and are generated anew for each time 
the process is carried out, however, offers a greater 
cryptographic security . 
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A further simplification of said embodiment 
may be obtained if the primary auxiliary values and/or 
secondary auxiliary values repeatedly have been 
combined in advance with the operation in question. 
This is to say, combining with auxiliary values is 
processed in the operation in question (e. g. , a 
substitution) , in such a manner that the result of the 
operation in question is equal to that of the original 
operation plus one or two combinatory operations with 
auxiliary values. By in advance including in the 
operation the combinatory operations, a more simple 
and faster practical realization is possible. 

Said combinatory operations are preferably 
carried out using an XOR operation [XOR = exclusive 
OR] . Other combinatory operations, however, such as 
binary adding, are basically possible as well. 

The invention further provides a circuit for 
carrying out a method for cryptographically processing 
data. In addition, the invention supplies a payment 
card and a payment terminal provided with such 
circuit . 

Below, the invention will be further 
explained on the basis of the exemplary embodiments 
shown in the figures. 

BRIEF DESCRIPTION OF THE DRAWINGS 
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FIG. 1 schematically shows a cryptographic 
process according to the prior art. 

FIG. 2 schematically shows a first 
cryptographic process according to a first embodiment 
of the invention. 



FIG. 3 schematically shows a second 
cryptographic process according to a first embodiment 
of the invention. 



FIG. 4 schematically shows a way in which 
the processes of figures FIG. 1 and 2 may be carried 
out . 



FIG. 5 schematically shows a cryptographic 
process having several steps according to the prior 
art . 



FIG. 6 schematically shows a first 
cryptographic process according to a second embodiment 
of the invention. 



FIG. 7 schematically shows a second 
cryptographic process according to a second embodiment 
of the invention. 



FIG. 8 schematically shows a third 
cryptographic process according to a second embodiment 
of the invention. 



-9- 



Appendix 
Appl. No. 09/787,648 
Amdt . dated March 31, 2005 
Reply to Office Action of Dec. 2, 2004 
Substitute Specification 

FIG. 9 schematically shows a circuit in 
which the invention is applied. 

FIG. 10 schematically shows a payment system 
in which the invention is applied. 

PREFERRED EMBODIMENTS 

A (cryptographic) process P according to the 
prior art is schematically shown in FIG. 1. To the 
process P, there are fed input data X and a key K. On 
the basis of the key K, the process P converts the 
input data X into (cryptographically) processed output 
data Y: y = PK (X) . The process P may be a known 
cryptographic process, such as DES (Data Encryption 
Standard) , triple DES, or RSA (Rivest, Shamir & 
Adleman) . 

If the input data X and the output data Y 
are known, it is basically possible to derive the key 
K used. In the event of a key of sufficient length 
(i.e., a sufficient number of bits), it was so far 
deemed impossible to derive said key, even if the 
process P were known. Impossible in this case is to 
say that in theory it is admittedly possible, e. g. , 
by trying out all possible keys, to retrieve the key 
used, but that such requires an impossibly long 
computational time. Such "brute- force attack" is 
therefore hardly a threat to the cryptographic 
security . 
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Attacks recently discovered, however, make 
use of knowledge of the process, as a result of which 
the number of possible keys may be reduced 
drastically. Deriving the key K used and/or the input 
data X from the output data Y therefore becomes 
possible within acceptable computational times. 

The principle of the invention, whose object 
it is to render such attacks considerably more 
difficult and time-consuming, is schematically shown 
in FIG. 2. Just as in FIG. 1, to a (known) process P 
there are fed input data X and a (secret) key K to 
generate output data Y. 

Contrary to the situation of FIG. 1, in the 
situation of FIG. 2 the key K is fed to the process P 
from a supplementary process P* . The supplementary 
process P* has a supplementary (secondary) key K* as 
input data to produce, under the influence of an 
auxiliary key K' , the (primary) key K as output data. 
The key K is therefore not fed, as is the case in the 
situation of FIG. 1, from an external source (e. g. , a 
memory) to the process P, but is produced by the 
process P* from the supplementary (secondary) key K* : 

K = P*K' (K*) . 

It is therefore the secondary key K* , 
instead of the primary key K, which is predetermined 
and stored, e.g., in a key memory (not shown) . 
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According to the invention, the primary key K, which 
is fed to the process P, is not predetermined. 

The auxiliary key K' may be a permanently 
stored, predetermined key. It is also possible to 
apply a supplementary process P* in which no auxiliary 
key K' is used. 

The combination of the processes P and P* 
forms a new process which is schematically designated 
by Q. To the process Q which, on account of the 
supplementary process P*, is unknown per se, the input 
data X and the (secondary) key K* are fed to produce 
the output data Y. The relationship between the 
secondary key K* and the primary key K is veiled by 
the supplementary process P* . 

The supplementary process P* preferably is 
the inverse of another, invert ible process R. This is 
to say: 

P* = R'^ . 

This enables producing the secondary key K* 
from the primary key K using R and the auxiliary key 
K' : 

K* = Rk' (K) , 

as will be further explained later by reference to 
FIG. 5. The new process Q may possibly be extended by 
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the process R, in such a manner that the primary key 
K, instead of the secondary key K* , is fed to the 
process Q. The primary key K in this case in the 
process Q is derived from: 

K = P*K' (K*) = P*K. (Rk' (K) ) . 

This enables using the same (primary) key as in the 
prior art . 

The cryptographic process Q according to the 
invention, schematically shown in FIG. 3, also 
comprises a process P having a primary key K and a 
supplementary process P* having an auxiliary key K' , 
the primary key K being derived from the supplementary 
key K* by the supplementary process P* . Supplementing 
the process of FIG. 1, in this case the input data X 
is also fed to the supplementary process P*, in such a 
manner that the primary key K is determined partly as 
a function of the input data X: 

K = P*K' (K*, X) . 

As a result, there is obtained a 
supplementary cryptographic protection. In addition, 
as a result the possibility is offered to carry out 
the supplementary process P* exclusively if certain 
input data is offered. This is to say that the 
supplementary process P* may comprise a test of the 
input data X, and carrying out the supplementary 
process P* may depend on the result of said test. 
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Thus, the supplementary process P*, e.g., may be 
carried out only if the last two bits of the input 
data X equal zero. The effect of such an input 
data -dependent operation is that only for certain 
input data X the correct primary key K will be 
produced in such a manner that only said input data 
will deliver the desired output data Y. It will be 
understood that as a result the cryptographic security 
is further enhanced . 

FIG. 4 schematically shows the way in which 
substeps of the processes P and P* may be carried out 
alternatingly ("interleaving") in order to further 
enhance the protection against attacks. The substeps 
may include so-called "rounds", such as, e.g., in the 
case of DES . The substeps, however, preferably 
comprise only one or a few instructions of a program, 
with which the processes are being carried out. 

In a first step 101, there is carried out a 
first substep Pi of the process P. Subsequently, in a 
second step 102, the first substep Pi* of the 
supplementary process P* is carried out. 

Likewise, in a third step 103, the second 
substep P2 of the process P is carried out etc. This 
continues until, in step 110, the last substep Pn* of 
the supplementary process P* has been carried out, it 
being assumed, for the sake of the example, that the 
processes P and P* comprise an equal number of 
substeps. If such is not the case, in step 110 there 
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is carried out the last corresponding substep, and in 
further steps the remaining substeps are carried out . 

By alternating the substeps of the process 
P, which is known per se, and the process P* (possibly 
known per se as well) , there may be obtained a series 
of substeps which does not correspond to that of a 
known process. As a result, the nature of the process 
is more difficult to recognize. 

The cryptographic process P schematically 
shown, only by way of example, in FIG. 5, according to 
the prior art comprises several steps Si (i.e.. Si, 
S2/ . . w Sn) . In each step Si, (right-hand) data RDi is 
fed to a cryptographic operation Fi . Said 
cryptographic operation may itself comprise a number 
of substeps, such as an expansion, a combination with 
a key, a substitution and a permutation which, 
however, have not been designated separately for the 
sake of the simplicity of the drawing. The 
cryptographic operation Fi provides processed data FDi : 

FDi = Fi(RDi) . 

In a combinatory operation CCi (CCi, CC2, the index i 

always indicating the step S in question) , the processed 
data FDi is combined with left-hand data LDi to form 
modified (left-hand) data SDi which, just as the original 
right-hand data RD, is passed on to the next step. The 
combinatory operations CCi preferably are XOR operations 
(symbol : ®) . 
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As is shown in FIG. 5, at the end of each 
step Si the modified left-hand data SDi and the 
right-hand data RDi change positions in such a manner 
that they form the right-hand data RDi+i and the 
left-hand data LDi+i of the next step Si+i. 

The left-hand data LDi and the right-hand 
data RDi of the first step Si were derived, in a 
preceding operation, from input data X and, in doing 
so, may undergo a preparatory processing, such as an 
input permutation. The output data SDn and RDn of the 
last step Sn form the processed data Y of the process 
P, possibly after it has undergone a final operation, 
such as an output permutation PP"'''.. 

The cryptographic process of FIG. 6 largely 
corresponds to that of FIG. 5. In accordance with the 
invention, the data present in and between the steps 
is masked with auxiliary values. For this purpose, in 
this embodiment the first step Si is preceded by 

(preparatory) combinatory operations DC and EC, which 
are preferably XOR operations as well. They combine 
the left-hand data LDi, and the right-hand data RDi, 
respectively, which originate from the preparatory 
operation (PP) , with a zeroth auxiliary value Aq and a 
first auxiliary value Ai . The results of the 
combinatory operations DC and EC are left-hand masked 
data LD ' 1 and right-hand masked data RD'i, respectively 

(in the continuation of this text, masked data will be 
designated by an apostrophe) . The maskings make 
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themselves felt in the subsequent steps. Since the 
left-hand data of the second step S2 is equal to the 
masked right-hand data of the first step Si, said 
left-hand data LD ' 2 is masked as well. The right-hand 
data RD'2 0f the second step is masked since it is 
equal to the masked, modified data SDi'. 

Combining the data LDi and RDi with the 
auxiliary values Ai therefore results in the modified 
data LDi' and RDi ' being masked, as a result of which 
it is considerably more difficult to derive the 
original data X or the key used from the masked data 
LDi ' and RDi ' . 

In order to remove the auxiliary values Ai 
prior to the final operation (PP'^) , there are provided 
completing combinatory operations FC and GC, which 
combine the modified and masked left-hand data SD'n of the 
last step Sn with an auxiliary value An+i and the masked 
right-hand data RD'n with an auxiliary value An, 
respectively. On account of Ai ©. Ai being zero in this 
manner the maskings are removed by the auxiliary values 
Ai . As a result, it is possible to carry out the method 
in such a manner that, notwithstanding the use of the 
auxiliary values Ai, the final data Y is equal to that 
which would have been obtained by the conventional method 
according to FIG. 5. 

In order to exclude the effect of the 
auxiliary values Ai on the results FDi of the 
operations Fi, in each step Si there is preferably 
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present a supplementary combinatory operation ACi which 
combines the right-hand data RDi with a (primary) 
auxiliary value Ai before this data is fed to the 
cryptographic operation Fi. The result of each 
supplementary combinatory operation ACi is non-masked 
right-hand data RDi, so that the cryptographic 
operation Fi works on the same data as in the process 
of FIG. 5. 

There may be advantageously inserted a further 
combinatory operation BCi between the cryptographic 
operation Fi and the combinatory operation CCi with the 
purpose of combining the processed (right-hand) data FDi 
with a further (secondary) auxiliary value Bi . As a 
result, there may be achieved a masking of the processed 
data FDi and a further masking of the (modified) 
left-hand data SD'i. The combinatory operations ACi and 
BCi preferably are XOR operations as well . 

In accordance with a further aspect of the 
invention, the auxiliary values Ai and Bi are related. 
The secondary auxiliary values Bi are formed, preferably 
using an XOR operation, from the first auxiliary value 
Ai_i of the previous step and the auxiliary value Ai+i of 
the next step: 

Bi =Ai-i © Ai^i 

This results in each primary auxiliary value Ai+i which, 
using a further supplementary combinatory operation BCi, 
is combined with the processed right-hand data FDi as an 
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ingredient of the secondary auxiliary value Bi, 
repeatedly being compensated in the next step, i.e., step 
Si+i, by means of a combinatory operation ACi before the 
right-hand data RDi+i is subjected to the operation Fi . 
The (masked) right-hand data RD'i in question, which 
forms the (masked) left-hand data LD'i+iof the still next 
step Si+2 are combined there with the primary auxiliary 
value Ai+i and is compensated in this manner. The 
auxiliary value Ai+i makes itself felt in the modified 
data SD'i, in such a manner that this remains masked 
between two steps . 

The left-hand data LD'iOf the first step Si is 
masked with the additional or zeroth (primary) auxiliary 
value Aq. By combining, with the secondary auxiliary value 
Bi = Ao © A2, the initial auxiliary value Aq is removed (on 
account of Aq © Aq being zero) , but the auxiliary value A2 
and the masking achieved therewith are maintained. The 
zeroth auxiliary value Aq in this embodiment is preferably 
chosen equal to the first auxiliary value Ai. 

Although all primary auxiliary values Ai are 
preferably chosen to be different, with the exception of 
Aq = Ai, it is possible to choose all primary auxiliary 
values Ai to be equal. In this case, all secondary 
auxiliary values Bi in the embodiment shown will be equal 
to zero, so that the further combinatory operations BCi 
may be omitted. The invention further applies to 
processes P which contain only one step S, or have a 
deviating structure . 
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In the process of FIG. 7, which largely 
corresponds to that of FIG. 6, the combinatory operations 
ACi and BCi and the cryptographic operation Fi in each 
step are integrated to form a combined operation F'l. 
Integrating the combinatory operations in the operations 
Fi is possible by suitably adjusting, e.g., a 
substitution table of the operation Fi . As a result, the 
supplementary combinatory operations ACi and BCi niay be 
omitted and the result of the adjusted operation Fi' is 
equal to the result of the total of the operation Fi 
proper and the combinatory operations: 

FD'i= F'i (RD'i) = Bi © Fi (Ai © RD'i) . 

Basically, each step Si requires a different 
combinatory operation Fi in which various auxiliary 
values Ai are integrated (see FIG. 6) . Only if the 
auxiliary values Ai are chosen equal, i.e., A1=A2 =... = 
An, the combinatory operations Fi in this embodiment may 
be equal. 

Each time the process is carried out, the 
values Ai are preferably chosen anew. For the process of 
FIG. 7, this means that the combined operations Fi ' are 
then determined anew. Since the operations F'i in many 
implementations will comprise the use of several tables, 
such as substitution tables, said tables will be 
determined anew each time the process P is carried out. 
In order to offer a supplementary protection against 
attacks, according to a further aspect of the invention 
the tables will be determined in random order. If a 
combined operation F'i comprises, e.g., eight tables. 
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said eight tables will be determined in another order 
each time said operation F'l is carried out a new. Said 
order may be determined on the basis of the contents of 
an order register, which contents may each time be formed 
by a random number originating from a random-number 
generator. On the basis of the contents of the order 
register there may each time be composed a fresh lookup 
table. Using the lookup table, the tables may be written 
to a memory and later be read out . 

According to a further aspect of the invention, 
supplementing this or instead thereof, the elements of 
each table may be determined and/or stored in random 
order. With this measure it is achieved that the 
protection against attacks is also improved. In this 
case, too, there may be applied a lookup table on the 
basis of which the elements may later be retrieved. 

The measures referred to above may also be 
applied in another embodiment of the invention, such as 
the one of FIG. 8, or in completely different other 
processes, whether cryptographic or not. 

The embodiment of FIG. 8 largely corresponds to 
that of FIG. 7. Supplementing FIG. 7, each step Si, with 
the exception of the last step Sn, includes a combinatory 
operation HCi which combines the right-hand data RD'i with 
a tertiary auxiliary value Wi . The tertiary auxiliary 
value Wi preferably equals the XOR combination of the 
auxiliary values Aq and Ai : 

W = Ao ® Ai, 
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where Aq ^ Ai . 

This results in the operation HCi always adding 
the zeroth auxiliary value Aq and compensating the first 
auxiliary value Ai. As a result, it is possible that all 
cryptographic operations Fi are essentially identical, 
which requires a much smaller processing and/or storage 
capacity from a processor system with which the method is 
carried out. In the embodiment of FIG, 8, the operations 
F"i are such adjustments of the original operations Fi, 
that these are corrected for the auxiliary value Ai and in 
addition combine the tertiary auxiliary value W = Aq ®. .Ai 
with their result. In other words, if RDi ® Ai is fed to 
F"i, the result will be equal to: 

FD'i=Fi{RDi) ® W. 

It will be understood by those skilled in the 
art that the combinatory processes ACi, BCi and HCi may be 
carried out in different locations in the cryptographic 
process P to achieve a comparable or even identical 
effect . 

FIG. 9 schematically shows a circuit 10 for 
implementing the method according to the invention. The 
circuit 10 comprises a first memory 11, a second 
memory 12 and a processor 13, the memories 11 and 12 and 
the processor 13 being coupled using a data bus 14. By 
providing two memories, it is possible each time to carry 
out a substep of one of the processes P and P* (see 
FIG. 4), to store the result of said substep in, e. g., 
the first memory 11, and from the second memory 12 to 
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transfer a previous interim result from the other process 
to the processor 13. In this manner, it is possible to 
efficiently carry out the alternating computation of 
substeps of two different processes. 

The payment system schematically shown in 
FIG. 10 comprises an electronic payment means 1 and a 
payment station 2. The electronic payment means 1 is, 
e.g., a so-called smart card, i.e., a card provided with 
an integrated circuit for storing and processing payment 
data. The payment station 2 comprises a card reader 21 
and a processor circuit 22. The processor circuit 22 may 
correspond to the circuit 10 of FIG. 9. 

At the beginning of a transaction, the payment 
means 1 transmits an identification (card identification) 
ID to the payment station 2. By reference to said 
identification, the payment station 2 determines a key 
which will be used for said transaction. Said 
identification ID may be fed as input data X (see the 
figures 1-3) to a cryptographic process which, on the 
basis of a master key MK (not shown) , produces an 
identification-dependent transaction key Kid as output 
data Y. In accordance with the invention, for this 
purpose the process shown in the figures FIG. 2 and 3 is 
used, the master key MK having been converted in advance, 
using a process R, into a supplementary master key MK* . 
Said supplementary master key MK* is now fed, preferably 
together with the identification ID, in accordance with 
FIG. 3, to the supplementary process P* in order to 



-23- 



Appendix 
Appl. No. 09/787,648 
Amdt. dated March 31, 2 0 05 
Reply to Office Action of Dec. 2, 2004 
Substitute Specification 

reproduce the original master key MK and to derive the 
transaction key Kid from the identification ID. 

Although, in the figures FIG. 2 and 3, there is 
always shown one single supplementary process P*, there 
may possibly be used several processes P* , p**, p***^ ... 
in series and/or in parallel to derive the primary key K. 

It will be understood by those skilled in the 
art that many modifications and amendments are possible 
without departing from the scope of the invention. 
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